6 Tips for Implementing AML Policies When Dealing in NFTs

Anti-money laundering (AML) laws under the Bank Secrecy Act (BSA) require banks and other money services businesses to follow strict reporting requirements. That can be an onerous responsibility for many organizations, especially in blockchain-based markets where customer due diligence is frequently more challenging.


Nevertheless, engaging in business involving NFTs and other virtual tokens may implicate these laws in the future, so it’s best to be prepared. Below, we’ll discuss some practical tips you can follow to make sure you’re fully compliant with AML requirements.

First, Why Are AML Policies Necessary?


As the law currently stands, NFTs don’t technically qualify under the BSA’s reporting requirements as the law currently stands. The Anti-Money Laundering Act of 2020 extended requirements to any organization that deals in “value that substitutes for currency or funds.” In many cases, cryptocurrency exchanges would qualify there, but when it comes to NFTs, lawmakers haven’t yet made any definite determinations.


However, there is a possibility that the BSA may be extended to NFT trading platforms such as OpenSea and Rarible as art dealers, similar to how auction houses might be regulated. Additionally, the possibility that NFTs could be used to ”tumble” cryptocurrency (i.e. pass it rapidly around multiple wallets to make ownership harder to track) may lead to more stringent regulations in the future.


It’s possible that NFTs could become subject to AML requirements in the not-too-distant future, so it’s best to be prepared.

Practical Tips for Implementing AML Procedures

If you handle transactions involving NFTs, manage a trading platform, or use NFTs as part of your organization’s operations, you may want to consider implementing an AML program. Some essential tips here include the following:

1. Know Who You’re Dealing With

Due diligence is vital to any component of regulatory compliance, and it’s certainly no different when it comes to AML laws. You need policies and procedures in place to determine who you’re doing business with and document transactions. That means adopting some methodologies for verifying your customers’ identities, much like a bank, though your data will likely consist of IP addresses and the like.


That information can then be used to help you assess the risk of engaging in transactions with any given seller, buyer, intermediary, etc. and keep your liability to a minimum.

2. Be Ready to File SARs

A suspicious activity report, or SAR, is a report that includes details related to transactions that may seem suspicious. Historically, transactions involving high-value art could prompt an SAR if there appears to be any strange activity surrounding the exchange, particularly if those activities hint at money laundering. Since NFT exchanges may be considered similar to art auction houses, you may need to report these details:


  • A description of how the suspicious activity is related to art (in this case, an NFT)
  • The volume/dollar amount involved
  • Identifying information for buyers, sellers, etc., including where reported parties are located


Naturally, this requires you to have methods in place to gather this information.

3. Get Your Policies Written Down

Your policies should be clearly written and well organized. Most of all, they must be concrete—have them written down and keep them secure. This is not just to make sure you’re able to follow your procedures when needed (though that is definitely important)—it also serves as a defence in the event that your organization comes under scrutiny. If you have well-written AML policies in place, it will serve as evidence that you take regulatory compliance seriously.

4. Keep Reviewing Your Policies

Having your policies written down once isn’t usually sufficient, especially in a market as volatile as NFT trading. Keep revisiting them on a routine basis and update them as often as needed. Laws may change, requiring adjustments to minimize your exposure to liability, and you might identify risks that you weren’t aware of previously as you engage in business dealings.

5. Train Everyone

AML isn’t restricted to executives and managers only. Everyone involved in your organization should be aware of your policies and well versed in the actions they’ll need to take to maintain compliance. Routine training outlining both the “how” and the “why” of your AML policies can help you get buy-in and maintain steady compliance throughout every component of your organization.

6. Get a Pro Involved

Finally, you shouldn’t expect to develop and implement an effective AML program without some form of expert consultation. A legal professional who is well-versed in AML law and the nuances of NFT trading can help you design policies that will protect you from being involved in suspicious activities and hold up under scrutiny. If nothing else, it’s always good to get an additional pair of eyes on a complex written policy, so don’t try to do it alone.

Maintaining Compliance with AML Laws

Compliance is an ongoing effort. Even if the law doesn’t technically cover NFT exchanges now, it may do so in the future. If you manage an exchange or act as an agent or intermediary in high-value transactions, you’ll likely want to implement some sound procedures to keep yourself and your clientele safe from both suspicious activity and government enforcement actions.


Share This Article